CVE-2023-5973: Truncated port name
First published: Fri Apr 05 2024(Updated: )
Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent the portName to the user if the portName contains reserved characters. This could allow an authenticated user to alter the UI of the Brocade Switch and change ports display.
Credit: sirt@brocade.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Brocade FABRIC OS (FOS) | <9.2.0 | |
| Broadcom Fabric Operating System | >=9.0.0<9.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-5973?
CVE-2023-5973 has a medium severity rating, impacting the display of port names in the Brocade Web Interface.
How do I fix CVE-2023-5973?
To fix CVE-2023-5973, users should upgrade to Brocade Fabric OS version 9.2.0 or later.
What is the impact of CVE-2023-5973 on affected systems?
CVE-2023-5973 could allow an authenticated user to manipulate the user interface of the Brocade Switch by altering port displays.
Who is affected by CVE-2023-5973?
CVE-2023-5973 affects users of Brocade Fabric OS versions prior to 9.2.0.
Which versions of Fabric OS are vulnerable to CVE-2023-5973?
Fabric OS versions from 9.0.0 up to, but not including, 9.2.0 are vulnerable to CVE-2023-5973.
- agent/title
- agent/weakness
- agent/description
- agent/type
- agent/first-publish-date
- agent/author
- agent/severity
- agent/event
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- vendor/brocade
- canonical/brocade fabric os (fos)
- vendor/broadcom